News Column

Patent Issued for Secure Messaging Facility System

September 11, 2014

By a News Reporter-Staff News Editor at Computer Weekly News -- A patent by the inventors Hoghaug, Robert John (Prior Lake, MN); Hoghaug, Thomas Andrew (Chanhassen, MN), filed on January 14, 2013, was published online on August 26, 2014, according to news reporting originating from Alexandria, Virginia, by VerticalNews correspondents.

Patent number 8819248 is assigned to Indigo Identityware, Inc. (Minnetonka, MN).

The following quote was obtained by the news editors from the background information supplied by the inventors: "The present invention relates to software messaging for computer workstations, servers, networks, and the like, and more particularly, to a method, software, and system for passage of authentication data between computer resources, including hardware devices, operating systems, and graphical identification and authentication modules, and application software, whether locally, remotely, or in combination. The secure messaging facility is intended for use by individuals and businesses that need to limit access to secured resources.

"Most authentication-based applications, other than certain proprietary authentication components, communicate with one another by directly loading each other into their respective address spaces. This method of interaction is known as tightly coupled, meaning that individual applications directly call functions of the other applications and load the hardware drivers directly. This method of interaction is very rigid and limiting, since a high degree of compatibility is needed for the applications to be able to properly call functions of the other applications. In order to obtain this high degree of compatibility, highly customized modifications to application and authentication software can be required. The ability to accommodate local and remote users and authentication devices, and provide secure access to local and remote resources, severely limits the flexibility of such an approach."

In addition to the background information obtained for this patent, VerticalNews journalists also obtained the inventors' summary information for this patent: "The general purpose of the present invention is to provide a system for transferring data between various applications to enable efficient and flexible secure authentication. Specifically, the present invention overcomes inadequacies of the prior art by creating a novel architecture for authentication-related data transfer and communication between the various users, authentication modules, authentication devices, operating systems, application software, and other resources, including local and remote hardware, software, and data. The present invention provides this utility by transferring all the required data through the messaging facility in the form of messages. Since the authentication-related data is transferred throughout the messaging facility layer in the form of messages, the secure messaging facility of the present invention provides for simpler and more flexible authentication among various local and remote resources. The messages use a request and response format meaning that for every message request submitted there is a response message generated.

"The present secure messaging facility has particular utility for computers, workstations, and servers running Microsoft Windows NT based operating systems. The present invention also has utility for computers running other operating systems, and can be adapted for such.

"The messaging facility is comprised of three main components; the first creates and processes messages and contains the messaging facility library which is an object code library such as those loaded by Windows applications. These libraries are normally referred to as Dynamic Link Libraries or DLLs. The second component is the messaging facility Service which is a specialized version of the standard Windows application which is designed to be loaded when the operating system starts. The third component is a proprietary authentication server.

"All messages originate in the messaging facility DLL (i.e., the Windows applications) and are sent to the messaging facility Service located on the same machine to which the application loaded the messaging facility DLL. The messages, however, need not be destined for the local messaging facility Service but may be destined instead for a messaging facility Service located on another machine, or for the proprietary authentication server. The final location of a particular message can be effected by various controls, including control by the local messaging facility Service, and including use of information stored in the message itself.

"The messaging facility Service is started when the workstation or server boots, and stays running the entire time the operating system is on. The messaging facility Service is largely passive since it only responds to messages sent to it by the messaging facility dynamic link library. The primary purpose and function of the messaging facility DLL is to form the messages to be sent to the messaging facility Service where they can be processed or directed to the proprietary authentication Service or another messaging facility Service running on another system. The actual message sent between the messaging facility DLL and messaging facility Service is designed to be extremely flexible and can be used to send almost any type of information.

"One significant aspect and feature of the present invention is secure messaging system for communication of authentication data, that is easy to integrate into any application software requiring high levels of security authentication, freeing the software developer from designing, implementing and testing their own version of an authentication system.

"Another significant aspect and feature of the present invention is a secure authentication software development package for use with any combination or variety of biometric, token, proximity or password devices to securely authenticate the user.

"A further significant aspect and feature of the present invention is the ability to maintain a detailed and secure audit trail of successful and unsuccessful authentications and logged events.

"Yet another significant aspect and feature of the present invention is a communication and coordination system for secure authentication where software applications and authentication hardware are uncoupled, and can therefore be local or remote.

"Still another significant aspect and feature of the present invention is a secure messaging facility which is easily adapted and independent of underlying hardware.

"A further significant aspect and feature of the present invention is a secure messaging facility for flexibly implementing local and remote authentication, which is applicable to a variety of operating system environments, including Microsoft Windows NT/2000/XP related operating systems as well as non-Microsoft Windows NT/2000/XP related operating systems.

"Having thus described embodiments and significant aspects and features of the present invention, it is the principal object of the present invention to provide a connection between software operating systems or user applications and authentication applications, authentication devices, or Services."

URL and more information on this patent, see: Hoghaug, Robert John; Hoghaug, Thomas Andrew. Secure Messaging Facility System. U.S. Patent Number 8819248, filed January 14, 2013, and published online on August 26, 2014. Patent URL:

Keywords for this news article include: Indigo Identityware, Indigo Identityware Inc., Software.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC

For more stories covering the world of technology, please see HispanicBusiness' Tech Channel

Source: Computer Weekly News

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters